Remove safe mode for invalid entries in config (#8650)

The approach is that now safe mode is only invoked when
we cannot read the config or under some catastrophic
situations, but not under situations when config entries
are invalid or unreachable. This allows for maximum
availability for MinIO and not fail on our users unlike
most of our historical releases.

cmd/config-current.go

@@ -291,23 +291,28 @@ func validateConfig(s config.Config) error {
 		globalNotificationSys.ConfiguredTargetIDs())
 }
 
-func lookupConfigs(s config.Config) (err error) {
+func lookupConfigs(s config.Config) {
+	ctx := context.Background()
+
+	var err error
 	if !globalActiveCred.IsValid() {
 		// Env doesn't seem to be set, we fallback to lookup creds from the config.
 		globalActiveCred, err = config.LookupCreds(s[config.CredentialsSubSys][config.Default])
 		if err != nil {
-			return fmt.Errorf("Invalid credentials configuration: %w", err)
+			logger.LogIf(ctx, fmt.Errorf("Invalid credentials configuration: %w", err))
 		}
 	}
 
 	etcdCfg, err := xetcd.LookupConfig(s[config.EtcdSubSys][config.Default], globalRootCAs)
 	if err != nil {
-		return fmt.Errorf("Unable to initialize etcd config: %w", err)
+		logger.LogIf(ctx, fmt.Errorf("Unable to initialize etcd config: %w", err))
 	}
 
-	globalEtcdClient, err = xetcd.New(etcdCfg)
-	if err != nil {
-		return fmt.Errorf("Unable to initialize etcd config: %w", err)
+	if etcdCfg.Enabled {
+		globalEtcdClient, err = xetcd.New(etcdCfg)
+		if err != nil {
+			logger.LogIf(ctx, fmt.Errorf("Unable to initialize etcd config: %w", err))
+		}
 	}
 
 	if len(globalDomainNames) != 0 && !globalDomainIPs.IsEmpty() && globalEtcdClient != nil {
@@ -318,51 +323,46 @@ func lookupConfigs(s config.Config) (err error) {
 			dns.CoreDNSPath(etcdCfg.CoreDNSPath),
 		)
 		if err != nil {
-			return config.Errorf(config.SafeModeKind,
-				"Unable to initialize DNS config for %s: %s", globalDomainNames, err)
+			logger.LogIf(ctx, fmt.Errorf("Unable to initialize DNS config for %s: %w",
+				globalDomainNames, err))
 		}
 	}
 
 	globalServerRegion, err = config.LookupRegion(s[config.RegionSubSys][config.Default])
 	if err != nil {
-		return fmt.Errorf("Invalid region configuration: %w", err)
-	}
-
-	globalWORMEnabled, err = config.LookupWorm()
-	if err != nil {
-		return fmt.Errorf("Invalid worm configuration: %w", err)
+		logger.LogIf(ctx, fmt.Errorf("Invalid region configuration: %w", err))
 	}
 
 	if globalIsXL {
 		globalStorageClass, err = storageclass.LookupConfig(s[config.StorageClassSubSys][config.Default],
 			globalXLSetDriveCount)
 		if err != nil {
-			return fmt.Errorf("Unable to initialize storage class config: %w", err)
+			logger.LogIf(ctx, fmt.Errorf("Unable to initialize storage class config: %w", err))
 		}
 	}
 
 	globalCacheConfig, err = cache.LookupConfig(s[config.CacheSubSys][config.Default])
 	if err != nil {
-		return fmt.Errorf("Unable to setup cache: %w", err)
+		logger.LogIf(ctx, fmt.Errorf("Unable to setup cache: %w", err))
 	}
 
 	if globalCacheConfig.Enabled {
 		if cacheEncKey := env.Get(cache.EnvCacheEncryptionMasterKey, ""); cacheEncKey != "" {
 			globalCacheKMS, err = crypto.ParseMasterKey(cacheEncKey)
 			if err != nil {
-				return fmt.Errorf("Unable to setup encryption cache: %w", err)
+				logger.LogIf(ctx, fmt.Errorf("Unable to setup encryption cache: %w", err))
 			}
 		}
 	}
 
 	kmsCfg, err := crypto.LookupConfig(s, globalCertsCADir.Get())
 	if err != nil {
-		return fmt.Errorf("Unable to setup KMS config: %w", err)
+		logger.LogIf(ctx, fmt.Errorf("Unable to setup KMS config: %w", err))
 	}
 
 	GlobalKMS, err = crypto.NewKMS(kmsCfg)
 	if err != nil {
-		return fmt.Errorf("Unable to setup KMS with current KMS config: %w", err)
+		logger.LogIf(ctx, fmt.Errorf("Unable to setup KMS with current KMS config: %w", err))
 	}
 
 	// Enable auto-encryption if enabled
@@ -370,19 +370,19 @@ func lookupConfigs(s config.Config) (err error) {
 
 	globalCompressConfig, err = compress.LookupConfig(s[config.CompressionSubSys][config.Default])
 	if err != nil {
-		return fmt.Errorf("Unable to setup Compression: %w", err)
+		logger.LogIf(ctx, fmt.Errorf("Unable to setup Compression: %w", err))
 	}
 
 	globalOpenIDConfig, err = openid.LookupConfig(s[config.IdentityOpenIDSubSys][config.Default],
 		NewCustomHTTPTransport(), xhttp.DrainBody)
 	if err != nil {
-		return fmt.Errorf("Unable to initialize OpenID: %w", err)
+		logger.LogIf(ctx, fmt.Errorf("Unable to initialize OpenID: %w", err))
 	}
 
 	opaCfg, err := opa.LookupConfig(s[config.PolicyOPASubSys][config.Default],
 		NewCustomHTTPTransport(), xhttp.DrainBody)
 	if err != nil {
-		return fmt.Errorf("Unable to initialize OPA: %w", err)
+		logger.LogIf(ctx, fmt.Errorf("Unable to initialize OPA: %w", err))
 	}
 
 	globalOpenIDValidators = getOpenIDValidators(globalOpenIDConfig)
@@ -391,7 +391,7 @@ func lookupConfigs(s config.Config) (err error) {
 	globalLDAPConfig, err = xldap.Lookup(s[config.IdentityLDAPSubSys][config.Default],
 		globalRootCAs)
 	if err != nil {
-		return fmt.Errorf("Unable to parse LDAP configuration: %w", err)
+		logger.LogIf(ctx, fmt.Errorf("Unable to parse LDAP configuration: %w", err))
 	}
 
 	// Load logger targets based on user's configuration
@@ -399,7 +399,7 @@ func lookupConfigs(s config.Config) (err error) {
 
 	loggerCfg, err := logger.LookupConfig(s)
 	if err != nil {
-		return fmt.Errorf("Unable to initialize logger: %w", err)
+		logger.LogIf(ctx, fmt.Errorf("Unable to initialize logger: %w", err))
 	}
 
 	for _, l := range loggerCfg.HTTP {
@@ -415,11 +415,6 @@ func lookupConfigs(s config.Config) (err error) {
 			logger.AddAuditTarget(http.New(l.Endpoint, loggerUserAgent, string(logger.All), NewCustomHTTPTransport()))
 		}
 	}
-
-	// Enable console logging
-	logger.AddTarget(globalConsoleSys.Console())
-
-	return nil
 }
 
 // Help - return sub-system level help
@@ -437,32 +432,25 @@ func GetHelp(subSys, key string, envOnly bool) (Help, error) {
 	}
 	subSystemValue := strings.SplitN(subSys, config.SubSystemSeparator, 2)
 	if len(subSystemValue) == 0 {
-		return Help{}, config.Errorf(
-			config.SafeModeKind,
-			"invalid number of arguments %s", subSys)
+		return Help{}, config.Errorf("invalid number of arguments %s", subSys)
 	}
 
 	subSys = subSystemValue[0]
 
 	subSysHelp, ok := config.HelpSubSysMap[""].Lookup(subSys)
 	if !ok {
-		return Help{}, config.Errorf(
-			config.SafeModeKind,
-			"unknown sub-system %s", subSys)
+		return Help{}, config.Errorf("unknown sub-system %s", subSys)
 	}
 
 	h, ok := config.HelpSubSysMap[subSys]
 	if !ok {
-		return Help{}, config.Errorf(
-			config.SafeModeKind,
-			"unknown sub-system %s", subSys)
+		return Help{}, config.Errorf("unknown sub-system %s", subSys)
 	}
 	if key != "" {
 		value, ok := h.Lookup(key)
 		if !ok {
-			return Help{}, config.Errorf(
-				config.SafeModeKind,
-				"unknown key %s for sub-system %s", key, subSys)
+			return Help{}, config.Errorf("unknown key %s for sub-system %s",
+				key, subSys)
 		}
 		h = config.HelpKVS{value}
 	}
@@ -502,9 +490,7 @@ func newSrvConfig(objAPI ObjectLayer) error {
 	srvCfg := newServerConfig()
 
 	// Override any values from ENVs.
-	if err := lookupConfigs(srvCfg); err != nil {
-		return err
-	}
+	lookupConfigs(srvCfg)
 
 	// hold the mutex lock before a new config is assigned.
 	globalServerConfigMu.Lock()
@@ -528,9 +514,7 @@ func loadConfig(objAPI ObjectLayer) error {
 	}
 
 	// Override any values from ENVs.
-	if err = lookupConfigs(srvCfg); err != nil {
-		return err
-	}
+	lookupConfigs(srvCfg)
 
 	// hold the mutex lock before a new config is assigned.
 	globalServerConfigMu.Lock()